Full List

Search

Recent Vulnerabilities

• CVE-2025-32552 • published on April 17, 2025 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory MSRP (RRP) Pricing for WooCommerce allows Reflected XSS. This issue affects MSRP (RRP) Pricing for WooCommerce: from n/a through 1.8.1.
• CVE-2025-32554 • published on April 17, 2025 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Raptive Raptive Ads allows Reflected XSS. This issue affects Raptive Ads: from n/a through 3.7.3.
• CVE-2025-32557 • published on April 17, 2025 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rico Macchi WP Featured Screenshot allows Reflected XSS. This issue affects WP Featured Screenshot: from n/a through 1.3.
• CVE-2025-32560 • published on April 17, 2025 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mohammad I. Okfie WP-Hijri allows Reflected XSS. This issue affects WP-Hijri: from n/a through 1.5.3.
• CVE-2025-32561 • published on April 17, 2025 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in plugins.club WP_DEBUG Toggle allows Reflected XSS. This issue affects WP_DEBUG Toggle: from n/a through 1.1.
• CVE-2025-32562 • published on April 17, 2025 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aviplugins.com WP Easy Poll allows Reflected XSS. This issue affects WP Easy Poll: from n/a through 2.2.9.
• CVE-2025-32564 • published on April 17, 2025 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tomroyal Stop Registration Spam allows Reflected XSS. This issue affects Stop Registration Spam: from n/a through 1.24.
• CVE-2025-32566 • published on April 17, 2025 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ashraful Sarkar Naiem License For Envato allows Reflected XSS. This issue affects License For Envato: from n/a through 1.0.0.
• CVE-2025-32571 • published on April 17, 2025 Deserialization of Untrusted Data vulnerability in turitop TuriTop Booking System allows Object Injection. This issue affects TuriTop Booking System: from n/a through 1.0.10.
• CVE-2025-32572 • published on April 17, 2025 Deserialization of Untrusted Data vulnerability in Climax Themes Kata Plus allows Object Injection. This issue affects Kata Plus: from n/a through 1.5.2.
• CVE-2025-32573 • published on April 17, 2025 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Kiotviet KiotViet Sync allows SQL Injection. This issue affects KiotViet Sync: from n/a through 1.8.3.
• CVE-2025-32578 • published on April 17, 2025 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mapro Collins Coming Soon Countdown allows Reflected XSS. This issue affects Coming Soon Countdown: from n/a through 2.2.
• CVE-2025-32582 • published on April 17, 2025 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EXEIdeas International WP AutoKeyword allows Stored XSS. This issue affects WP AutoKeyword: from n/a through 1.0.
• CVE-2025-32583 • published on April 17, 2025 Improper Control of Generation of Code ('Code Injection') vulnerability in termel PDF 2 Post allows Remote Code Inclusion. This issue affects PDF 2 Post: from n/a through 2.4.0.
• CVE-2025-32588 • published on April 17, 2025 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Credova Financial Credova_Financial allows Reflected XSS. This issue affects Credova_Financial: from n/a through 2.4.8.
• CVE-2025-32590 • published on April 17, 2025 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tzin111 Web2application allows Reflected XSS. This issue affects Web2application: from n/a through 5.6.
• CVE-2025-32592 • published on April 17, 2025 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RealMag777 TableOn – WordPress Posts Table Filterable allows Stored XSS. This issue affects TableOn – WordPress Posts Table Filterable: from n/a through 1.0.3.
• CVE-2025-32593 • published on April 17, 2025 Missing Authorization vulnerability in Bytes Technolab Add Product Frontend for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Add Product Frontend for WooCommerce: from n/a through 1.0.6.
• CVE-2025-32594 • published on April 17, 2025 Insertion of Sensitive Information Into Sent Data vulnerability in WPMinds Simple WP Events allows Retrieve Embedded Sensitive Data. This issue affects Simple WP Events: from n/a through 1.8.17.
• CVE-2025-32596 • published on April 17, 2025 Improper Control of Generation of Code ('Code Injection') vulnerability in Rameez Iqbal Real Estate Manager allows Code Injection. This issue affects Real Estate Manager: from n/a through 7.3.